+1
Best Regards
@__f_f__
about.me/farell
________________________________.
Mail sent from my mobile phone. Excuse for brievety.
Actually, while it can contractually require it, there may be legal barriers to such requirements that would void them in the contracts. If such a contractual requirement were to violate requirements under local law, that contractual requirement becomes unenforceable.
So contrary to your opinion, the answer to the question is clearly "No". ICANN cannot require the collection of data by parties that would violate their legal requirements in doing so.
Best,
Volker
Am 23.01.2017 um 18:45 schrieb Greg Aaron:
ICANN’s Bylaws describe ICANN’s responsibilities and their scope – especially see Article 1, section 1, of ICANN’s Bylaws, entitled “Mission, Commitments and Core Values.” (https://www.icann.org/
resources/pages/governance/ ) Among other things, “ICANN's scope is to coordinate the development and implementation of policies: For which uniform or coordinated resolution is reasonably necessary to facilitate the openness, interoperability, resilience, security and/or stability of the DNS including, with respect to gTLD registrars and registries… functional and performance specifications for the provision of registrar services; registrar policies reasonably necessary to implement Consensus Policies relating to a gTLD registry; resolution of disputes regarding the registration of domain names... Examples of the above include, without limitation: …maintenance of and access to accurate and up-to-date information concerning registered names and name servers”.bylaws-en/#article1 Years back it was decided that the collection and publication of the data was important for accomplishing some legitimate goals, in keeping with the above principles. And since the old days there have been additional statements of note. For example in 2007 the GAC weighed in recognizing a number of specific legitimate uses, including “facilitating inquiries and subsequent steps to conduct trademark clearances and help counter intellectual property infringement” and “contributing to user confidence in the Internet”, in keeping with law. We’re reviewing all this now; just saying that there’s a lot of precedent, and proposals for chnage need to address precedent.
Currently there is an approach that’s important to mention. The contracts say that registrars “shall permit use of data it provides in response to queries for any lawful purposes”. [Emphases added; and except for “mass unsolicited, commercial messages” i.e. spamming, and some high-volume queries.) Access is not prohibited or regulated. All use is allowed except when a use is specifically prohibited.
The alternative is to enumerate all allowable uses and to regulate access based on each user’s intent to honor those allowed uses. And that takes the world to a place where a system must gatekeep all users, and parcel out data to them only after the assert or prove they have a legitimate use and that they will employ the data only for that purpose. IMHO that infringes upon the rights of legitimate users, and is also a completely unmanageable solution.
All best,
--Greg
From: gnso-rds-pdp-wg-bounces@icann.
org [mailto:gnso-rds-pdp-wg-bounces@icann.org ] On Behalf Of Kimpian Peter
Sent: Monday, January 23, 2017 8:53 AM
To: Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> ; gnso-rds-pdp-wg@icann.org
Subject: Re: [gnso-rds-pdp-wg] FW: Now open: 18 January Poll on Purpose
Dear All,
Adding to the purpose debate: usually it is common sense and wiedly reckognised that we don't collect personal data just for the sake of it or in bulk saying it will be good for one purpose or another. Usually data controllers have the obligation to say openly in advance this is why I am going to process (ie collect, agregate, transfer, etc.) personal data. Being said that it can not be excluded that those data will be used/accessed for "higher" common good and for the benefit for all by another athorised data controller. For example a telco company can if all conditions met disclose (!) data it previously collected to law enforcement agencies but this does not mean that the Telco compony can collect, process etc data for law enforcement purpose...
My simple question to start with would be and always was: Is ICANN a law enforcement body? Does ICANN have any power/competence in fighting against crime? And it goes for other purposes as well: Is ICANN an international trademark organisation? Etc...Is the answer given to those questions is shared by all the community of ICANN? In my sense we have to be sure that we answer first those questions before deciding on possible purposes (which does not mean that discloser of data on a case-by case base according to international legal requirements will not be possible after this, but those will be exceptions !!!)
Best regards,
Peter
2017.01.22. 19:20 keltezéssel, Stephanie Perrin írta:
I love your analogy Shane, it is perfect. In data protection terms that would be a use. For a legitimate purpose... sledding. There might have to be repercussions if you cracked the lid....that might be a data breach:-)
I hate being a nit picker and calling out this distinction between purpose of collection as opposed to purpose for use and disclosure, but it is extremely important in terms of data protection. Some laws are more clear than others on the distinction, and you are correct that if we are not careful DP laws will forbid the collection and disclosure of the data. It is certainly clear that for collection of thin data, there is ample justification for collecting the info based on ICANN's limited mandate. However adding law enforcement and other similar website related investigative activities to the list of legitimate purposes is in my view opening a barn door. After a year of discussion we may understand the nuance, that we are talking about thin data, etc etc but when the fruits of our labours are published, it looks like we have all agreed that law enforcement (eg) is a legitimate purpose for collecting registration data. In my view, it is not.
cheers Stephanie
On 2017-01-22 04:03, Shane Kerr wrote:
Greg,If we can say that not all legitimate purposes have to be catered for,then I agree with you. :)If we say that tracking down the registrar of a domain as part oftrademark research is a legitimate purpose, that does not mean that wehave to design the system for this purpose, right?To try an analogy: We can recognize that using the plastic top of agarbage can as a sled is legitimate, but we don't insist on designinglids with sledding in mind.Full disclosure: My own take on the "legitimate purpose" discussionwith regards to "thin data" is that we need *some* purpose for bothgathering and publishing the information, because otherwise privacylaws may prohibit companies from gathering or publishing it. Luckily Ithink that there are so many such purposes that the need for theinformation is indisputable.Jumping ahead... as I said in a prior call (sorry for missing ones sincethen), I would prefer that the information is then allowed for anypurpose, without restriction, because otherwise you have to have notonly tiresome rules about what is allowed but also the Internet Policeto enforce those rules, which seems like a step towards Armageddon.Given that we're still talking about "thin data", which is basicallyjust a pointer to a registrar who has *actual* data, my ownrecommendation is not to stress too much. This stuff is only very, veryvaguely personally identifiable.Cheers,--ShaneAt 2017-01-21 14:51:29 -0500Greg Shatan <gregshatanipc@gmail.com> wrote:I have to disagree. These are legitimate purposes for collection, as wellas for disclosure.GregOn Fri, Jan 20, 2017 at 7:02 PM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca > wrote:I filled it out, but I am afraid for most of the purposes I could notagree. We do not *collect *data for many of those purposes. We discloseit to people for those purposes, but the purpose of collecting those dataelements is not for tax collection, trademark enforcement actions, etc.This is the conflation issue I have raised repeatedly.Apologies if I did not make that point clear enough on the call.Stephanie PerrinOn 2017-01-20 17:35, Gomes, Chuck wrote:Please note that our current poll ends in about 24 hours. So far only 16people have responded.Chuck*From:* gnso-rds-pdp-wg-bounces@icann.org [mailto:gnso-rds-pdp-wg-bounces@icann.org <gnso-rds-pdp-wg-bounces@icann.org> ] *On Behalf Of *LisaPhifer*Sent:* Wednesday, January 18, 2017 1:50 PM*To:* RDS PDP WG <gnso-rds-pdp-wg@icann.org> <gnso-rds-pdp-wg@icann.org>*Subject:* [EXTERNAL] [gnso-rds-pdp-wg] Now open: 18 January Poll onPurposeDear all,As directed in the 18 January WG call, this week's new Poll on Purpose isnow open for WG member participation:https://www.surveymonkey.com/r/SZX9QJZ A PDF of this poll's questions and notes/recordings of the meeting areposted on the 18 January meeting page: https://community.icann.org/x/EbTDAwThis poll will close at *COB Saturday 21 January 2017*.All WG members are encouraged to participate in this poll to help advancedeliberation and prepare for next week's meeting.Best regards,Lisa_______________________________________________ gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg@icann.orghttps://mm.icann.org/ mailman/listinfo/gnso-rds-pdp- wg _______________________________________________ gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________ gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________ gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/ listinfo/gnso-rds-pdp-wg
-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. Mit freundlichen Grüßen, Volker A. Greimann - Rechtsabteilung - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems www.twitter.com/key_systems Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen. -------------------------------------------- Should you have any further questions, please do not hesitate to contact us. Best regards, Volker A. Greimann - legal department - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems www.twitter.com/key_systems CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg